https://github.com/osquery/osquery logo
Powered by
Title
o

oneiroi

03/29/2023, 4:04 PM
Hi All, Has anyone notice an issue with the Osquery 
iptables
virtual table returning nothing ? I've dug into the source code and have a potential theory why this issues exists, but also wanted to reach out here incase anyone has seen this "gotcha". ?
p

Pankaj Singh

03/29/2023, 4:12 PM
try running osquery with root user
o

oneiroi

03/29/2023, 4:12 PM
@Pankaj Singh no difference 😞
p

Pankaj Singh

03/29/2023, 4:12 PM
oh got it
ubuntu 22.04 version right?
Ubuntu 22.04 iptables uses the iptables-nft mode inside it. we have to use the iptables-legacy mode.
@oneiroi take this as a reference it worked for me
https://www.danami.com/clients/knowledgebase/194/How-can-I-switch-back-to-iptables-from-nftables-after-upgrading-to-Ubuntu.html?language=english
s

seph

03/29/2023, 11:31 PM
Please ask questions in one place. I answered this elsewhere. But as Pankaj said, you need the iptables compatibility shim.
#linuxJoin Slack
Powered by